<meta charset="utf-8">
<?php
require_once("tools.php");

$con = new con_db();

if ($_POST['id'] == '') {
    echo "<script language='javascript' type='text/javascript'>alert('您已注销或未登录，请重新登录')</script>";
    $url = "index.php";
    echo "<script>location.href='".$url."';</script>";
}

$sql    = "SELECT * FROM Persons
           WHERE zhanghao='$_POST[id]'";
$result = $con->query($sql);

while ($row = $result->fetch_assoc()) {
    if ($row['mima'] == $_POST['psd']) {
        if ($row['loginright'] == 0) {
            echo "<script language='javascript' type='text/javascript'>alert('您被禁止登陆，请联系管理员')</script>";
            $url = "index.php";
            echo "<script>location.href='".$url."';</script>";
        } else {
        
        setcookie("user", $_POST['id'], time() + 3600);
        setcookie("bkgcolordone", $row['bkc'], time() + 3600);
        setcookie("bkgcolor", $row['bkc'], time() + 3600);
        setcookie("admin", $row['admin'], time() + 3600);
        
        $url = "homepage.php";
        header('location:' . $url);
        }
        
    } else {
        echo "<script language='javascript' type='text/javascript'>alert('密码错误')</script>";
        
        $url = "index.php";
        echo "<script>location.href='".$url."';</script>";
    }
}

echo "<script>alert('该用户不存在，或者未知错误');</script>";

$url = "index.php";
echo "<script>location.href='".$url."';</script>";
?>
